Busting GDPR myths

It's 5 months on since GDPR came into European law. And there are still a number of myths that are commonly believed:

  • Myth 1: The GDPR doesn't affect companies that don't operate in Europe
  • Myth 2: The only reason to comply with GDPR is the big fines you could get hit with
  • Myth 3: Under GDPR you need consent to process personal data
  • Myth 4: If GDPR doesn't affect you, you don't need to worry about updating your privacy policy and security posture
  • Myth 5: GDPR is only about cyber-crime and hacking

Do you believe any of these myths? Have any of them influenced the way you treat privacy and security in your company? Because if so you need to read this myth-buster from the Project Consulting Group.

Written from an American perspective, but giving advice that is relevant globally, their short paper on GDPR myths is essential reading: find out the truth about how GDPR affects companies outside the European Union.

Image under licence from iStockPhoto.com, credit SBphotos